ELOG

Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG

Not logged in

Back | Find | Login | Help

Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?, posted by Steve Jones on Wed Aug 11 18:12:35 2004

Re: Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?, posted by Stefan Ritt on Thu Aug 12 21:37:29 2004

Re: Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?, posted by Steve Jones on Thu Aug 12 22:18:56 2004

Re: Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?, posted by Stefan Ritt on Thu Aug 12 22:25:45 2004

Re: Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?, posted by Steve Jones on Mon Aug 16 21:48:49 2004

Message ID: 664 Entry time: Thu Aug 12 21:37:29 2004 In reply to: 662 Reply to this: 666

Icon:

Author:

Stefan Ritt

Author Email:

stefan.ritt@psi.ch

Category:

Question

OS:

Other

ELOG Version:

2.5.4

Subject:

Re: Q: On Solaris 8, eLog not honoring USR= and GRP= cfg file directives?

> I'm not sure if this is a configuration problem or a bug, but running
> v2.5.4subver1.413, elogd runs as user ROOT (UID0) even though the following
> is in the elogd.cfd file:
> 
> Usr = nobody
> Grp = essadm
> 
> All other directives added to the cfg file work, so I know eLog is reading
> the cfg file.  
> 
> The elogd binary *is not* setuid 0.

I could not reproduce your problem with the current version (Revision 1.460)
under Linux. I guess you made sure that user "nobody" and group "essadm" exist.
Try to run elogd interactively, if you see any error message (without "-D"
flag). In the most recent version (1.460), I added some more debugging code
which tells you if elogd successfully fell back to another user, if you use the
"-v" (verbose) flag.

If all that does not help, I guess it's some peculiarity of Solaris. Maybe
someone else using Solaris has some idea. All elogd does is a call to 

setuser("<user>");

I see no reason why this should not work on Solaris.

ELOG V3.1.5-fe60aaf